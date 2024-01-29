Singapore

Major technology safety and security highlights in Singapore in 2023 were related to data breaches and outages.

Financial service outages

In October 2023, DBS, one of the largest Singapore banks, experienced an operational failure due to a centre outage, which resulted in 2.5 million failed transactions. Although the reason for failure was not to be associated with a cyberattack at the time, given a prior history of outages, it will have implications on the bank's strategies and priorities among which shall be increased reliability and safety of the services. As reported by the media, Citibank operations were also affected. While we embrace attention to improving the reliability and security of the infrastructure, it's still a time of changes, which always opens a window of opportunities for attackers.

DDoS attacks

Another highlight was related to web service outages of several public hospitals and polyclinics due to a distributed denial-of-service (DDoS) attack: the attackers flooded servers with internet traffic to prevent users from accessing online services. The disruption did not result in a compromise of data or internal networks according to publicly known information. This incident tells us that while the websites demonstrated resilience against potential compromises, they were unfortunately unprepared for a DDoS attack.

Website defacements

Several Singapore websites suffered from politically motivated defacement attacks in late 2023. Those attacks affected a historical temple website, a retirement info website, a tourism agency and other businesses located in Singapore.

“The bottom line is that the trend for future attacks in Singapore will likely be related to denial of service attacks, politically motivated compromises, defacements, and data leaks. The targeted ransomware threat is still real too, but will adopt the newest trend of pressuring the victim through regulator complaints,” explains Kamluk.

South Korea

Prominent political events and cybersecurity threats

In the upcoming year of 2024, South Korea is poised to hold a significant general election. Historically, major political events such as this have consistently attracted the attention of threat actors, who view them as prime opportunities for launching direct cyberattacks with the intent of disrupting political proceedings. Furthermore, these threat actors often employ sophisticated social engineering techniques to achieve their goals. Thus, it is our firm belief that this impending major event will serve as a catalyst, intensifying the frequency and complexity of cyberattacks.



Customized Cyber Threats Targeting the Local IT Environment

Over the past several years, alleged state-sponsored threat actors have systematically infiltrated numerous entities within South Korea, employing widely adopted software solutions that are integral to the country's IT infrastructure. These adversaries adeptly exploited vulnerabilities specific to the local, well-known software and IT ecosystem, thereby facilitating the successful dissemination of their malicious software to their unsuspecting targets. This nefarious activity wreaked havoc across various industries, causing extensive damage.

“As we look ahead to the year 2024, it is evident that these customized threats, meticulously tailored to exploit South Korea's unique software landscape and IT environment, are poised to persist and pose an ongoing challenge,” adds Kamluk.

For organisations in APAC, Kaspersky shares the tips below to keep safe from these upcoming threats in 2024:

• Always keep software updated on all the devices you use to prevent attackers from infiltrating your network by exploiting vulnerabilities.

• Establish the practice of using strong passwords to access corporate services. Use multi-factor authentication for access to remote services.

• Choose a proven endpoint security solution such as Kaspersky Endpoint Security for Business that is equipped with behaviour-based detection and anomaly control capabilities for effective protection against known and unknown threats.

• Use a dedicated set for effective endpoint protection, threat detection and response products to timely detect and remediate even new and evasive threats. Kaspersky Optimum Security is the essential set of endpoint protection empowered with EDR and MDR.

• Use the latest Threat Intelligence information to stay aware of actual TTPs used by threat actors.